Static task: static1
Behavioral task: behavioral1
Sample: d1edfdbe5b4841a04fa123d707d5d391_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: d1edfdbe5b4841a04fa123d707d5d391_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d1edfdbe5b4841a04fa123d707d5d391_JaffaCakes118
Size: 179KB
MD5: d1edfdbe5b4841a04fa123d707d5d391
SHA1: 73fb704c14388cf1e4efeadbd8f23c25062765bf
SHA256: faed47d5aa84d4a8eb80ac2cbc9dd0b2b3ed7bcb7d0be27457088c8ac305c56e
SHA512: 9cf40be3399ac6d6622821824af63224469de872f514e9ae31128f24633c0de4961b29958c088818c46c2449b8defeaa3f66616d90ddc329df954f266d4304e0
SSDEEP: 3072:5/YsBQPlA/OPaQxzPprg2ggYZEmmEb4w59GktJ2IOTvjtcbCYvOGTuBKyBCsXJ:5/V2PS0fxlrg1RZrmBwikfCfo3/yBCsZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d1edfdbe5b4841a04fa123d707d5d391_JaffaCakes118
Files
d1edfdbe5b4841a04fa123d707d5d391_JaffaCakes118.exe windows:4 windows x86 arch:x86
92496f5acccf034d4af54183bfbfee1d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mprapi
MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName
advapi32
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
rpcrt4
NdrFixedArrayFree
UuidCreate
kernel32
VirtualAllocEx
RaiseException
LocalAlloc
WideCharToMultiByte
EnumResourceNamesW
GetSystemTimeAsFileTime
lstrlenA
CreateProcessA
MultiByteToWideChar
OpenSemaphoreW
InterlockedExchange
shlwapi
PathFileExistsW
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 904B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ